CNNMoney.com
Companies Economy International Corrections Pre-market Trading After-hours Trading Winners/Losers/Actives Bonds Currencies Commodities World Markets Money Magazine Real Estate Taxes Jobs Ask the Expert Money 101 Autos Mutual Funds The Help Desk Loan Center Best Places to Live Ask the Expert Ultimate Guide to Retirement Retirement Calculators Best Funds Ask the Mole Best Places to Retire Big Tech Blog Techland Blog Sectors and Stocks Fortune 500 Techs Tech Talk 100 Best Places to Launch Ultimate Resource Guide Small Biz Makeovers FSB 100 Ask & Answer Fortune 500 Technology Investing Management C-Suite Rankings Main Create Portfolio Edit Portfolio Create Alerts Edit Alerts

Report: More flaws found in Microsoft's Vista

Security researchers, hackers find error in software code, including one underlying Internet Explorer 7.

December 25 2006: 4:28 PM EST

NEW YORK (CNNMoney.com) -- Computer security researchers and hackers have found more flaws in Microsoft's Vista, the long-awaited update to the Windows operating system, according to a report Monday.

One programmer said it was possible to increase a user's privileges on all of the company's recent operating systems, including Vista, while a computer security firm said that it found five other vulnerabilities, including one error in the software code underlying the company's new Internet Explorer 7 browser, the New York Times reported.

TECHNOLOGY

The browser flaw means that users could become infected with malicious software simply by visiting a particular Web site, according to the report.

15 surprise innovations for 2007

That would make it possible for an attacker to inject rogue software into the Vista-based computer, the paper said, citing executives at Determina, a maker of software intended to protect against vulnerabilities.

The new operating system - Microsoft's (Charts) first update to Windows in five years - is crucial for the world's biggest software company. Microsoft has been facing stiff competition from companies like Google (Charts), which has begun offering Web-based applications that rival traditional desktop software.

On Saturday, Nicole Miller, a Microsoft spokeswoman, said the company was investigating the reported browser flaw and that it was not aware of any attacks attempting to use the vulnerability, the paper said.

Microsoft officials were not immediately available for comment on Monday.

The Determina researchers told the paper they had notified Microsoft of four other flaws they had discovered, including a bug that would make it possible for an attacker to repeatedly disable a Microsoft Exchange mail server simply by sending the program an infected e-mail message.

Vista flaw could haunt Microsoft

Last week, the chief technology officer of Trend Micro, a Tokyo-based computer security firm, said he had discovered an offer on an underground computer discussion forum to sell information about a security flaw in Vista for $50,000, according to the Times.

Many computer security companies say that there is a lively underground market for information that would permit attackers to break in to systems via the Internet, the paper said.

Welcome back, Microsoft

It's official: Microsoft launches Vista  Top of page
© 2009 Cable News Network. A Time Warner Company. All Rights Reserved. Terms under which this service is provided to you. Privacy Policy
Live Quotes automatically refresh, but individual equities are delayed 15 minutes for Nasdaq, and 20 minutes for other exchanges. Market indexes are shown in real time, except for the DJIA, which is delayed by two minutes. All times are ET.
* : Time reflects local markets trading time. † - Intraday data delayed 15 minutes for Nasdaq, and 20 minutes for other exchanges. Disclaimer
Copyright © 2009 BigCharts.com Inc. All rights reserved. Please see our Terms of Use.
MarketWatch, the MarketWatch logo, and BigCharts are registered trademarks of MarketWatch, Inc.
Intraday data provided by Interactive Data Real-Time Services and subject to the Terms of Use.
Intraday data is at least 20-minutes delayed. All times are ET.
Historical, current end-of-day data, and splits data provided by Interactive Data Pricing and Reference Data.
Fundamental data provided by Morningstar, Inc..
SEC Filings data provided by Edgar Online Inc..
Earnings data provided by FactSet CallStreet, LLC.
Home | Contact Us | Advertise with Us | Corrections | Career Opportunities | Site Map
RSS | Email Delivery | Portfolio | Podcasts | Mobile | Widgets | User Preferences | Special Sections
| Magazine Customer Service | Download Fortune Lists | Reprints | Conferences | Business Leader Council